Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
help:connecting:ssl [2015/08/27 22:36]
rubin [Introduction] 		help:connecting:ssl [2020/04/08 12:41] (current)
rubin
Line 2: Line 2:
  
 ===== Introduction ===== ===== Introduction =====
-This is a guide to help you configure your IRC client software to connect to AfterNET using SSL encryption. Our primary focus is on [[help:installing:xchat]], because that is what we use most, but it should help you get going with [[http://www.afternet.org/mirc|mirc]] and other software as well.+This is a guide to help you configure your IRC client software to connect to AfterNET using SSL encryption.
  
 ==== Why encryption ==== ==== Why encryption ====
-Our SSL encryption support is intended to protect you from those on __your local network__ intercepting passwords or reading your conversations. Essentially we want you to be able to login to your account(s) over wifi and speak poorly of your boss without fear of snooping. It is __NOT__ end-to-end security and you should never use IRC to discuss company secrets or anything truly of value. The government, and people with physical access to our hosting facilities could still spy on you.+Our SSL encryption support is intended to protect you from those on __your local network__ intercepting passwords or reading your conversations. Essentially we want you to be able to login to your account(s) over wifi and speak poorly of your boss without fear of snooping. It is __NOT__ end-to-end security and you should never use IRC to discuss company secrets or anything truly of value. Various governments and other people with physical access to our hosting facilities could still spy on you.
  
 ==== Enabling encryption ==== ==== Enabling encryption ====
-Our servers have SSL enabled on ports 6697 and 9998. So to begin with, you simply configure your IRC client to connect to the server named **irc.afternet.org** on port **6697** or **9998** and select the 'use encryption' checkbox+Our servers have SSL enabled on ports 6697 and 9998. **We support only TLS1.2** which means some older clients will not be able to use SSL if they can only do SSLv3 or TLS1. See our [[:help:installing|Clients page]] to find a client that will work for you.
  
 +Configure your software to connect to the server named **irc.afternet.org** on port **6697** or **9998** and enable encryption.
 +
 +=== hexchat ===
 +In the "hexchat -> Network List.." menu under AfterNET, Set the port to 6697 and select the 'use encryption' checkbox. You should also be able to leave the 'Accept invalid SSL certificates' checkbox **unchecked**
 +
 +=== ZNC ===
 +In the ZNC bouncer, add a '+' (plus sign) in front of the port number when adding a server to enable SSl on that server. example: ''/msg *status addserver irc.afternet.org +6697''
 +
 +=== mIRC ===
 +Make sure you have the latest version. Old versions have insecure ssl libraries which have been blocked.
 +
 +To [[http://www.mirc.com/ssl.html|enable SSL in mirc]] use the -e switch in the ''/server'' command, or put a '+' (plu sign) in front of the port number, ie +6697
  
 ==== Certificate Authority ==== ==== Certificate Authority ====
-Our server certificates are signed by StartCom, which should be a trusted authority by default for most people, but you can add them by using the certificate at [[https://www.startssl.com/certs/ca.pem]]+Our server certificates are signed by [[https://letsencrypt.org]] 
  

Page Tools